Tuesday, 13 September 2011

DEFCON 19

I have been meaning to write about my attendance at DEFCON 19 in Las Vegas last month and finally I am writing about this before I disappear off to Mexico for a week. Needless to say, the conference was well-worth the trip to Vegas and I am definitely attending again. The only negative thing I have to say in regards to it is the fact that it was 43 C every single fucking day.

One of the things that I found interesting about this trip to the United States was that this was the first-ever venture into that country where I was flying domestic. If you fly out of Vancouver to Las Vegas, you're looking at a 80% premium compared to flying out of Bellingham, Washington, which is only 45 minutes from where I reside.

Most of my photos from DEFCON were taken with my smartphone during the course of the weekend and consisted of friends of mine. What you see here are just an excerpt of what had occurred over the weekend.

 

Wall of Sheep is something I have heard of for years and it is quite legendary. What was sort of depressing was that I was seeing familiar hostnames appearing on the screen during the course of the weekend. People tend to wonder why I don't bother with a wireless network at home and this really the reason for my decision.


A coworker of mine was amongst the group that had decoded the mystery that was this year's DEFCON badge. I took a swing at it personally but got lost part-way through.


This charge station caught my attention as did many others because not only was it a charge station at DEFCON but it was a station with a screen. Upon inserting a cable into your mobile device, the screen changes and asks you why you've done that but graciously charges your phone without doing anything nefarious. When I first saw this, I immediately began to wonder who in attendance would be gutsy or naive enough to try this.


Hacker Jeopardy was definitely worth watching. One funny story about this event was that a friend of mine from IRC had went and posted QR codes all over the Rio during the course of the weekend. I cannot remember what they did besides display a message telling people not to be idiotic and scan them. He got the bright idea to get the girl on the stage during Jeopardy to wear one of the codes around her legs (she was effectively down her underwear at this point) and had a whole bunch of males run up and take photos. Hilarity.


IOActive had put on an impressive show during Saturday evening. I had an opportunity to attend their other event during Blackhat but I decided to not do anything with my pass and socialise instead.


A bit of a sideshow to DEFCON, but a bunch of us opted to go visit the Pinball Museum which was a bit east of the strip. I definitely had a great time and found myself mastering a German pinball machine modeled around Super Mario World.


 

It is unlikely that I will be in Vegas for next year but I will most likely be at HOPE in New York as I have been asked to help out. I also have plans to give a talk on a project that I will be discussing later this fall.

Tuesday, 1 March 2011

Is the UBB debate a giant advertisement for TekSavvy?

I got caught up in the whole anti-usage-based billing (UBB) debate in the latter part of last year and into this and had been weighing my options for alternatives to the Shaw Internet service that I have been using for five-years. TELUS' DSL service constantly came to mind but I wasn't interested in having to get telephone service and many of the DSL resellers had given me the run-around to whether or not they could provide me with service. It even dawned upon me that I could sign up for WIND or Mobilicity's cheap data service over their 3G network, but the thought of having to use a high-latency service just didn't appeal to me.

Time to drink the TekSavvy water



It seemed rather hopeless until it was pointed out to me by a friend that TekSavvy Internet (TSI) was starting to offer cable services in the Metro Vancouver area. I was extremely happy to hear this because here's a company that appears to be pro-user, anti-UBB, and fair price. Shaw was completely opposite of this as while they had the year before gone and doubled my speeds, they increased my bill by 25% and had went and cut my data limit by 30%. This seemed like a breath of fresh air to say the least!

TSI had been in the news for a few years since they started to fight with Bell over the caps and overages fees placed on their wholesale accounts. They also weren't new to me because they have had DSL in the region for a while now and Vancouver Hack Space has been a customer since day one. Their cable service wasn't new either, as in Ontario they were offering resold cable service via Rogers. By all accounts it looked like a slam-dunk as I was going to pay half the price for service that shouldn't cost as much as it does.

I wasn't alone in my eager interest to switch to this "new" cable service from TSI. My friend, Sean signed up the very same day that I did. In fact, I was customer number three and he was either one or two customers after me. I even encouraged people to consider switching as I heard nothing but praise from the DSL customers I knew.

Unfortunately it wasn't meant to go as well as I wanted it to.

Down the rabbit hole...



Unlike the vast majority of TSI's customers, I had once worked at an ISP and was very familiar with how things like cable modem termination systems (CMTS) worked and had a fundamental understanding of how Shaw and TekSavvy were supposedly working—or so I thought.

The notes you see as follows are pretty much an accurate portrayal of the nightmare that was switching to TekSavvy. In fact, the switch never fully completed and I had aborted it once my patience wore thin.





















Mid-JanSigned up with Teksavvy after cancelling my Shaw service effective February 12th. The modem I had was not a Shaw rental and was approved for use on the service.
Feb 12Service fails to switch to Shaw. Called up Teksavvy (TSI) after waiting 30-minutes on-hold and discovered that they had gotten my customer serial number (CSN) incorrect; the MAC address was correct however. Had them make the change and was told that it would take 24-hours to complete.
Feb 13Service with Shaw is officially severed after waking up to a denied modem state. Called up TSI, waited 45-minutes, and was told that it would likely be fixed by the afternoon. Called Teksavvy again just before dinnertime and had to deal with someone answering asking for me to wait for a callback as they were inundated with calls. Annoyed, I asked why I was waiting to hear that instead of getting assistance with regards to my lack of service. I then was told that it would be followed up with by the next business day as Shaw was unlikely working on the weekend.
Feb 14Still no service. Left a post on their Internet forum on DSL Reports (DSLR) towards the evening indicating my disgust as I was in no mood to wait another 45-minutes on the phone. Had to harass TSI staff to get a response as it was seeming like they were ignoring my post while responding to others.
Feb 15Same situation. Harassed the forum again and demanded a call in the following morning.
Feb 16Called TSI after they failed to call me. Spoke with a technical support rep. and asked him to get a supervisor to call me before noon or else I would definitely cancel. Supervisor called me about 12:15 PM and told me about their Shaw escalation process (or lack there of) and said that they would look at the matter. Got home later and discovered that my modem is receiving no signal, which indicated to me that Shaw had physically severed service. I immediately call TELUS and arrange to have service installed the following Wednesday.
Feb 17Requested to cancel online via their DSLR forum but was then told in a response that I had to call in. Left the matter alone as I wanted to not think about it.
Feb 18Called TSI's account department, waited no more than three minutes, requested to cancel, and then demanded a refund. The rep. then told me that they'd only refund in half. Being how unacceptable this response was thanks to the lack of service I was transferred to her manager after I requested it and the manager informed me that they'd listen to the call to see who was at fault and that he'd get back to me either Saturday or Sunday.
Feb 20Received a call from the same manager at TSI was told that it was their fault and not mine for the CSN mix-up. They would follow up with me on February 24th about the matter to see if Shaw had managed to fix the problem. Still switching to TELUS for DSL service.
Feb 24Teksavvy calls while I am at work and says that they finally received word from Shaw that everything was fine on their end. However, the line was severed as of an hour before that call and I had switched to TELUS. The manager agrees to send me a refund in the form of a cheque as I had paid through online banking.

In case you are not interested in reading the whole thing in point form, here's the Coles Notes (tl;dr) version of what transcribed above.


  • Upon signing up, the representative I spoke with interpreted the letter "X" as "ex-ray" instead of "x-ray" for whatever reason and failed to correct it even after I had confirmed it with him. The use of "x-ray" is acceptable according to the NATO phonetic alphabet.

  • TSI failed to have a method to confirm with Shaw that this was a valid modem. It's likely that TSI will never tell them that they're snatching away a customer. They also failed to inform Shaw that service was valid at my address, which is why my service was disconnected physically on the day that I opted to sever service completely.

  • When TSI makes or discovers a mistake, the only method for them to communicate with Shaw about the problem is via e-mail and it appears that it is only answerable on business days. I had confirmed with staff at TSI that they do not have a phone contact at Shaw (or even Rogers for that matter) if a problem arises and needs to be fixed immediately. The fact that contact was made from Shaw back to TSI over a week and a half after is pretty telling of how unreliable the service is.

  • While TSI having a direct forum to communicate on is rather awesome and a model for other ISPs to follow, it is quite easy for their representatives to ignore posts and not acknowledge that they've read it and will get back to me. This was pretty alienating because their hold times were already unacceptable and the attempted brush-off from my late-Sunday call to them was inappropriate to say the very least.



I could go on and on here, but the above points out why switching to TSI puts everything at risk. Stuff like all of this can happen with any ISP, but at least I would have a better expectation of what sort of window I had in terms of downtime.

What about Sean?



Sean is still fighting with TekSavvy to get his service enabled. In fact, TSI had sent a Shaw technician to take a look at his connectivity to determine that there wasn't a fault. The kicker? Sean was previously a Shaw customer up until the switch to TSI. Wouldn't the support representative who arranged for the tech to come out pick up on it being a possible configuration problem elsewhere?

He isn't alone in this mess either. There are a number of issues with other customers who too switched to TSI. Some had their service disconnected physically while others appear to have other strange problems that are either the product of Shaw messing around with TSI or a TSI representative fat-fingering like what had happened to me.

Here's just a sampling of problems faced by TSI's cable customers:



Do you know what the worst part about all of this is? All of these posts are from the last four weeks. It is one thing to grab a list of threads and then complain about these problems when it happened over a few months, but having this many posts discussing similar problems in two different regions thousands of kilometres apart is pretty damning and smells of incompetence.

Even more alarming, this is just a sampling from DSL Reports. I would wager that there are more customers who don't post on DSLR who are running into the exact same issue.

And as of this writing, Sean has still not received any service from TSI. He was supposed to be activated just about a week before I was to.

Anti-UBB, TekSavvy, and those who defend them



TSI has quite the following and I can understand why. When you have a company that offers unlimited downloads and is going to bat against the large telecommunication companies that are seemingly looking for new ways to squeeze us dry, you cannot help but want to be behind the scrappy little guy who has a few moves up his sleeves. I fell victim to this desire to be a part of this fight and realised that it was a fight not worth getting into.

Their stance on UBB has permitted them to get their name in major news outlets in the country. It's akin to Apple having to spend almost nothing on advertising their products because the media see the product, talk about it on-air, and Apple doesn't even have to show its face to them in the process. It's very much like that as all TSI has to do is make some noise, take Bell to court, and grab the interest of the media. It's very simple and it develops a culture around it that reminds me a lot about Apple zealots from the 1990s.

DSL Reports shows a great deal of this parallel when you take a look at negative reviews. Here's a sample from the thread that I had posted in:

"Isn't the Vancouver Cable service _experimental_ ?"


It was advertised as a new service. If it were "experimental" they should have offered the service at a discounted rate and spoken to either existing DSL customers or otherwise.

"Here's what you need to do if you want resolution of your issue. You need to call, again, and again and again until you get to someone who can give you answers.

You can politely say, "I need to talk to someone who can give me answers", instead of this escalate this, and send ticket that.

If you do this during business hours, you should get resolution because I'm sure that TSI is about customer satisfaction. You're right, you shouldn't have to be forced to go to an Internet forum to get official support, hopefully TSI is aware of this and picks up the ball."


Awesome. If this guy could invent a time machine that would take me forward 45-minutes, I would say that this is a good solution.

If you skim through some of the reviews, they paint a similar picture. Many users are willing to state that the service has a lot of problems but has good value for the money. It's pretty surreal to see what people are willing to put up with.

I also don't have much of a statement to give on UBB. In some respects it makes sense but it does come off as the telecommunication giants wanting to gouge people for more money. When data transfer for these companies cost less than a penny per gigabyte and they're charging two dollars per that unit for any customer who goes over, it's unacceptable. With that said, bandwidth is finite and those who constantly hoard TV shows via BitTorrent and do enough transfer to warrant the purchase of a new hard drive each month are the ones who should be penalized. Netflix, VoIP, and all that is similar should not be a method of creating punishment for the user-base, however.

What now?



I canceled my TekSavvy account with a full-refund after some wrangling with their accounting department. They initially wanted to go half-way with me on the refund until I raised a stink with a manager. TELUS came in and installed phone service and DSL service came a few days later after some problems arose. Not all ISP installations go smoothly but I have to say that TSI is far from an acceptable choice.

A tin-can with some string would provide better reliability.

Wednesday, 2 February 2011

Inside BC Ferries' wireless service

A few months ago I had the displeasure of finding out that the BC Ferries public wireless service was locked down so harshly that I found it almost un-useable for what I needed to do. Being that the corporation was once-again subject to the Freedom of Information and Protection of Privacy Act, I opted that instead of griping without anything to base the gripes on that I'd dig up information about how it was implemented and discuss it here.

To make this simple to why I wanted to know these things: I was unhappy over the fact that I couldn't use a private means of browsing. What I mean is that it is quite silly to browse the Internet or use any services without the use of a secure tunnel when you're on a network that is completely unfamiliar to you. Things like Firesheep make it easy for others to hijack your browser sessions and give you a headache. I am not worried about someone looking over my shoulder and seeing what I am doing but I am concerned about someone taking control.

Overall, wireless is very insecure by nature and BC Ferries was not making it better.


With a few dollars spent and some patience, I finally received this letter in my inbox:

Dear Mr. Keigher:

Re: Request under the Freedom of Information and Protection of Privacy Act

I am responding to your request of December 6, 2011 under the Freedom of Information and Protection of Privacy Act (FOIPP Act).

You requested:

The following information regarding the wireless service provided by BC Ferries:


  • List of web sites and or web site categories blocked by your web content filtering system

  • List of network service ports blocked or filtered

  • Reasons for the above decisions

  • E-mail communication regarding the implementation of the service

  • Any documentation of specifications requested.



Further to our January 25, 2011 letter to you, we are giving a third party the opportunity to make representations concerning the disclosure of two of these documents.

Enclosed please find copies of the remainder of the records responsive to your request. The Information Technology division and Public Affairs department were consulted to identify records responsive to your request.

Some of the records contain information excepted from disclosure under the FOIPP Act. This information was severed so the remaining information could be disclosed.

The severed information is excepted from disclosure under sections 13, 14, 15, 17 and 22 of the FOIPP Act. In particular:


  • One occurrence of information was withheld under section 13 as disclosure would reveal a recommendation to BC Ferries.

  • One occurrence of information was severed under section 14 as subject to solicitor-client privilege.

  • One occurance of information has been withheld under sections 15 and 17 where disclosure could reasonably be expected to harm the security of a computer system and disclosure could reasonably be expected to harm the financial interests of BC Ferries.

  • Third party personal information was severed under section 22 where disclosure would be an unreasonable invasion of personal privacy.



The rest goes on about payment and so forth.

A few days ago, a letter arrived in the mail informing me that a portion of the request has been delayed as they were awaiting the third party. I was informed that a response would be made one way or the other by March 8th.

Here's the technical run down on what is not being blocked by BC Ferries:








HTTPHTTPSFTPFTP-data
SMTPPOP3IMAPTelnet
GREDNSISAKMPNon500-ISAKMP
ESPSMTPSIMAP4 (585)IMAPS (993)
808018635222587
25251725  


What does this mean if you don't understand the above? Basically you can browse and send e-mail. There is more to it than just that but for the average person the above will let you go on Facebook and check out your Hotmail or GMail.

According to their web filtering software, they block the following kinds of websites:


  • Adult

  • Child pornography

  • File transfer services

  • Filter avoidance

  • Hate speech

  • Illegal activities

  • Non-sexual nudity

  • Peer file transfer

  • Pornography

  • Sexual education and abortion

  • Streaming media

  • Tasteless or obscene



Likely my website will begin to fall under "filter avoidance" because of this post, but one has to wonder why they'd be blocking sexual education and abortion on their service. Well, I didn't need to inquire about this as The Vancouver Sun did this for me based on my FOIPP request:

BC Ferries spokeswoman Deborah Marshall said the ferry corporation decided to block such material because it feared websites about abortion or sex education might contain inappropriate photos.

"There might be pictures and whatnot on some of these sites," said Marshall. "We do have to remember that we are a family venue and that there might be some parents who might be offended by their children seeing such pictures."


I am glad to know that BC Ferries will act as a moderator in a person's life!

The rest of the released documents aren't terribly interesting. The only thing of note was that there was a delay in launch and some miscommunication during the process of getting things set up and implemented, but that is all par for the course for any organization.

Update - February 3rd

Wow. This got a bit more coverage that I anticipated. To be quite honest, I only did this to find out how they were blocking everything and what their reasons were to do so.

I never really expected to find out that BC Ferries would be blocking abortion and sexual health on their service but I am disappointed to find that being the case. The response given by the corporation is beyond lackluster and to me demonstrates that they're imposing their own version of morality when it is not their place to do so.

Overall how they have gone about building this service is pretty pitiful. I could have done a better job configuring this all without resorting to the asinine methods used to prevent bandwidth abuse. I'd hate to imagine how much they paid to some consultant over the service's implementation.

I finally received the parts regarding the third party. To no surprise TELUS provides a 3G connection to the boats and to make things more interesting the implementation delay was caused by shipment problems caused by the G8 and G20 conferences. I have since uploaded the file containing the communications between BC Ferries and TELUS.

Here's some coverage on the matter. I haven't been contacted by any media outlet over the matter but I am glad to see that this is getting some press.



Download the documents:
2010-118 responsive records batch #1.pdf (1.2 MB PDF)
2010-118 responsive records batch #2.pdf (2.1 MB PDF)
2010-118 responsive records batch #3.pdf (1.2 MB PDF)
2010-118 responsive records batch #3.pdf (153 KB PDF)

Originals can be found here:
FOIPP Request 10-118